The CESP ADCS course focuses on the security assessment of Active Directory Certificate Services (AD CS) within enterprise domains. It covers certificate-based authentication, common template misconfigurations, enrollment abuses, PKI trust relationships, and privilege escalation paths that originate from Enterprise CA weaknesses. The material is lab-driven and centers around identifying and exploiting realistic ESC attack paths, relay scenarios, and certificate-based persistence mechanisms.
Since AD CS is tightly integrated with Active Directory and often insufficiently reviewed during internal assessments, the course provides a structured approach to enumerating and abusing certificate infrastructure. It emphasizes understanding how certificate-based authentication interacts with domain security boundaries. The certification validates the ability to analyze, exploit, and document AD CS-related attack paths in modern enterprise environments, which I will target in the near future.
Here, you can learn more about this project: Certified Enterprise Security Professional – AD CS (CESP ADCS)